Microsoft has sent out notifications to a few of its Outlook users informing them that hackers had access to their emails and other data for nearly three months this year.
Outlook is a web-based suite of webmail, contacts, tasks and calendar services.
According to technology news portal The Verge, Microsoft informed users that a support agent’s credentials had been compromised. This enabled hackers to view email addresses, folder names and subject lines of emails between January 1 and March 28.
However, in a separate notification to other users, Microsoft reportedly also admitted that the contents of their emails could have also been viewed.
The US-headquartered technology giant did not mention how many accounts had been compromised, but said that the security breach was worse than initially anticipated.
To control the damage, the company said in the notifications that it had immediately disabled the compromised credentials to prohibit any further unauthorised access.
The notification that was sent out also said that email login credentials were not directly impacted by the incident.
“However, out of caution, you should reset your password for your account,” read the message from the EU data protection officer.
Microsoft also cautioned its users that they might receive phishing emails or other spam mails, and they should be careful of misleading domain names or any email that requests personal information.
“Microsoft regrets any inconvenience caused by this issue. Please be assured that Microsoft takes data protection very seriously,” read the message.
The company also highlighted that it had engaged internal security and privacy teams to resolve the issue, apart from increasing the security of its systems to avoid any such breaches in the future.